flask-saml2
flask-saml2 copied to clipboard
mx-moth
Flask library for building SAML Service Providers and Identity Providers
SHA1 is deprecated. Change signer and digester to use sha256 by default in IdP and SP. Addresses #38 #40
The timestamps produced with `.isoformat()` contain microseconds, in the [idphandler.py](https://github.com/timheap/flask-saml2/blob/c1cd81df42070433ab168708e3d4a43569c00895/flask_saml2/sp/idphandler.py#L269) and [sphandler.py](https://github.com/timheap/flask-saml2/blob/c1cd81df42070433ab168708e3d4a43569c00895/flask_saml2/idp/sphandler.py) `format_datetime` functions. According to [the specs [PDF]](https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf) in section 1.3.3: > SAML system entities SHOULD NOT rely on...
Add example service provider that can access Auth0 IdP. Auth0 is a widely used commercially available service.
I'm trying to run the example. I'm using python Python 3.10.6 and pyOpenSSL-23.1.1. > 127.0.0.1 - - [13/May/2023 00:19:30] "POST /saml/acs/ HTTP/1.1" 500 - > Traceback (most recent call last):...
Currently setup.py lists the install requirement pyopenssl
Making a PR from the work already done by mx-moth to reorder and make SLO metadata optional so that it conforms to specification from [SamlTool](https://www.samltool.com/validate_xml.php) and Canvas. Original mention found...
I would be very useful to add a log or something in this line on `AssertionConsumer` It's very difficult to find an error in the configuration of the IDP with...
This makes two changes to the timestamp format used in assertions. 1) It removes the millisecond component, per issue #23, and 2) It removes the timezone component, which is explicitly...
Hello, Please I came across this awesome project of yours while pentesting, I have some questions ? - When the IDP issues a SAMLResponse is it possible for a DTD...
